[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3khYrnF_l-eLGcoNt-vz_IZ8csFud4DP_DZWwrroO5Y":3},{"slug":4,"name":5,"version":6,"author":5,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":12,"unpatched_count":12,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":34,"fingerprints":68},"clickmeeting","ClickMeeting","1.0.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fclickmeeting\u002F","\u003Cp>ClickMeeting  is  a  platform  that  allows  for  webinars, online  meetings,  presentations,  lectures  and collaborations; it enables participants to log in from any  localization in the world to hold an event. ClickMeeting enables organizing, running and participating in webinars for up to 5000 people and meetings for up to 25 people.\u003C\u002Fp>\n\u003Cp>Turn your blog and website visitors into highly engaged webinar attendees. Embed your webinar room directly in your website in a few simple steps.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Create a ClickMeeting account at https:\u002F\u002Fclickmeeting.com\u002Ffree-signup\u003C\u002Fli>\n\u003Cli>Create your first webinar event and receive an unique URL (eg. https:\u002F\u002Fmyaccount.clickmeeting.com\u002Fmyevent)\u003C\u002Fli>\n\u003Cli>In order to embed your event room to your website, simply type [clickmeeting lang=”en” ]https:\u002F\u002Fmyaccount.clickmeeting.com\u002Fmyevent[\u002Fclickmeeting] in your WYSWIG editor\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If you have any question please contact us via contact form:\u003Cbr \u002F>\nhttp:\u002F\u002Fclickmeeting.com\u002Fcontact\u003C\u002Fp>\n","ClickMeeting  is  a  platform  that  allows for  webinars, online  meetings, presentations,  lectures  and collaborations.",100,5250,0,"2016-08-26T11:27:00.000Z","4.6.30","4.0","",[4,18,19,20,21],"online-meeting-software","webinar-services","webinar-software","webinars-software","http:\u002F\u002Fclickmeeting.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclickmeeting.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":4,"display_name":5,"profile_url":7,"plugin_count":29,"total_installs":10,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},1,30,84,"2026-04-04T13:56:34.729Z",[],{"attackSurface":35,"codeSignals":50,"taintFlows":58,"riskAssessment":59,"analyzedAt":67},{"hooks":36,"ajaxHandlers":43,"restRoutes":44,"shortcodes":45,"cronEvents":49,"entryPointCount":29,"unprotectedCount":12},[37],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","init","register_shortcodes","includes\\oembed-clickmeeting.php",51,[],[],[46],{"tag":4,"callback":47,"file":41,"line":48},"clickmeeting_shortcode",48,[],{"dangerousFunctions":51,"sqlUsage":52,"outputEscaping":54,"fileOperations":12,"externalRequests":12,"nonceChecks":12,"capabilityChecks":12,"bundledLibraries":57},[],{"prepared":12,"raw":12,"locations":53},[],{"escaped":55,"rawEcho":12,"locations":56},5,[],[],[],{"summary":60,"deductions":61},"The ClickMeeting plugin v1.0.0 appears to have a strong security posture based on the provided static analysis. The absence of dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), and improper output escaping are significant strengths. Furthermore, the plugin demonstrates no file operations or external HTTP requests, which are common vectors for exploits. The lack of any recorded vulnerabilities in its history is also a positive indicator of diligent security practices by the developers.\n\nHowever, there are areas for improvement and potential concern. The static analysis reveals a complete absence of nonce checks and capability checks. This is a critical oversight, especially for any functionality that interacts with the WordPress backend or user data. While the attack surface is small and currently has no unprotected entry points, the lack of these fundamental security checks means that even the existing shortcode could potentially be exploited if it performs sensitive operations. The taint analysis showing zero flows is good, but this could be due to a lack of complexity or an incomplete analysis; the missing capability and nonce checks suggest that a more thorough taint analysis might reveal issues if the shortcode has any side effects.\n\nIn conclusion, the plugin exhibits excellent practices in areas like SQL query handling and output escaping, and its vulnerability history is clean. Nevertheless, the complete omission of nonce and capability checks represents a significant security weakness that could lead to unauthorized actions or data manipulation. This is the primary area of concern for this version of the plugin.",[62,65],{"reason":63,"points":64},"Missing nonce checks",10,{"reason":66,"points":64},"Missing capability checks","2026-03-16T20:40:37.254Z",{"wat":69,"direct":74},{"assetPaths":70,"generatorPatterns":71,"scriptPaths":72,"versionParams":73},[],[],[],[],{"cssClasses":75,"htmlComments":77,"htmlAttributes":78,"restEndpoints":79,"jsGlobals":80,"shortcodeOutput":81},[76],"clickmeeting-iframe",[],[],[],[],[82],"\u003Cdiv class=\"clickmeeting-iframe\">\u003Ciframe src=\""]